Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Pennsylvania courts say it didn't a pay ransom in cyberattack, and attackers never sent a demand

Pennsylvania’s state courts agency says it never received a ransom demand as part of a cyberattack that briefly shut down some of its online services earlier this month and prompted a federal investigation

Marc Levy
Thursday 15 February 2024 19:34 GMT
Pennsylvania Courts Cyberattack
Pennsylvania Courts Cyberattack (Copyright 2023 The Associated Press. All rights reserved.)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Pennsylvania's state courts agency said Thursday that it never received a ransom demand as part of a cyberattack that briefly shut down some of its online services earlier this month and prompted a federal investigation.

The attack, called a “denial of services” attack, on the website of the Administrative Office of Pennsylvania Courts disabled some online portals and systems that were all fully restored this week, officials said.

The attack didn't compromise any data or stop the courts from operating on a normal schedule, officials said.

A courts agency spokesperson said officials there never received a ransom demand from the attackers, never had any communication with the attackers and never paid anything to meet any sort of demand.

The state Supreme Court's chief justice, Debra Todd, said a federal investigation was continuing.

Neither the courts nor the FBI or the federal government’s lead cybersecurity agency, the U.S. Cybersecurity and Infrastructure Security Agency, have identified the attacker. There have been no apparent claims of responsibility.

In a statement, Todd said the “significant and serious” attack was “orchestrated by a faceless and nameless virtual opponent who was intent on attacking our infrastructure and orchestrating a shutdown of our state judicial system.”

“These anonymous actors attempted to undermine our mission to make justice accessible and to shutter the operation of the statewide court system," Todd said.

A “denial of service” cyberattack is common and happens when attackers flood the targeted host website or network with traffic or requests until the site is overwhelmed or crashes.

The attack comes after Kansas’ judicial branch was the victim of what it called a ” sophisticated cyberattack ” late last year from which it took months and millions of dollars to recover. That attack was blamed on a Russia-based group.

Major tech companies Google Cloud, Microsoft and Amazon Web Services have been hit by such attacks in recent years, as have financial institutions. In 2022, some U.S. airport sites were hit. Some of the biggest attacks have been attributed to Russian or Chinese hackers.

Cybersecurity experts say denial-of-service hackers are often state-backed actors seeking money and can use tactics to try to hide their identity. Such attacks also can be used to mask an underlying attack, such as a ransomware attack, experts say.

Networking experts can defuse the attacks by diverting the flood of internet traffic.

___

Follow Marc Levy at twitter.com/timelywriter.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in